package freedom.utils.jwt.core;

import java.io.IOException;

import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.springframework.security.core.AuthenticationException;
import org.springframework.security.web.AuthenticationEntryPoint;

/**
 * 401 未授权：未登录
 * 
 * @author Charlie Cao
 *
 */
public final class Http401AuthenticationEntryPoint implements AuthenticationEntryPoint {
	private static final Log logger = LogFactory.getLog(Http401AuthenticationEntryPoint.class);
	private String msg;

	public Http401AuthenticationEntryPoint(String msg) {
		this.msg = msg;
	}

	/**
	 * Always returns a 401 error code to the client.
	 */

	public void commence(HttpServletRequest request, HttpServletResponse response, AuthenticationException authException)
			throws IOException, ServletException {
		if (logger.isDebugEnabled()) {
			logger.debug("Pre-authenticated entry point called. Rejecting access");
		}
		response.sendError(HttpServletResponse.SC_UNAUTHORIZED, msg);
	}

}
